e6951fff48a40d83089782f565aa1b06ea67f256ffdad636936dd2b3a93a0c74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-02-02_8d60c1012255cd970de2352485a978b9_cryptolocker
Size

59KB
Sample

240202-sylx4abehm
MD5

8d60c1012255cd970de2352485a978b9
SHA1

9a33384b6426df856e8aedb51071cb29fc33fa88
SHA256

e6951fff48a40d83089782f565aa1b06ea67f256ffdad636936dd2b3a93a0c74
SHA512

13de1806960e41fa28339589356dddd6d981e409e047da6b059fd5da0b122c8ef45114b4e82f92a41821c4b836dfa41c66f432bc929457b5e39b2be018740ac2
SSDEEP

1536:btB9g/xtCSKfxLIc//Xr+/AO/kIZ3ft2nVuTKB6nggOlHdUHOM:btng54SMLr+/AO/kIhfoKMHda

Score

10^/10

Malware Config

Targets

- Target
  
  2024-02-02_8d60c1012255cd970de2352485a978b9_cryptolocker
- Size
  
  59KB
- MD5
  
  8d60c1012255cd970de2352485a978b9
- SHA1
  
  9a33384b6426df856e8aedb51071cb29fc33fa88
- SHA256
  
  e6951fff48a40d83089782f565aa1b06ea67f256ffdad636936dd2b3a93a0c74
- SHA512
  
  13de1806960e41fa28339589356dddd6d981e409e047da6b059fd5da0b122c8ef45114b4e82f92a41821c4b836dfa41c66f432bc929457b5e39b2be018740ac2
- SSDEEP
  
  1536:btB9g/xtCSKfxLIc//Xr+/AO/kIZ3ft2nVuTKB6nggOlHdUHOM:btng54SMLr+/AO/kIhfoKMHda
Score

9^/10
- Detection of CryptoLocker Variants
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2